Hi everyone, for the past 3 days I have been infected by the Trojan horse Backdoor.Win32.Hupigon.tsy, located in explorer.exeFDCatch.dll
I can't manage to remove it. I have Kaspersky 6.0 + a-squared Free + CCleaner + 3 online antivirus scanners (which find nothing) + HijackThis v2
Infecté : cheval de Troie Backdoor.Win32.Hupigon.tsy explorer.exeFDCatch.dll 476 Ko
Infecté : cheval de Troie Backdoor.Win32.Hupigon.tsy explorer.exeFDCatch.dll 476 Ko
Infecté : cheval de Troie Backdoor.Win32.Hupigon.tsy fd.exeFDCatch.dll 476 Ko
Infecté : cheval de Troie Backdoor.Win32.Hupigon.tsy IEXPLORE.EXEFDCatch.dll 476 Ko
Infecté : cheval de Troie Backdoor.Win32.Hupigon.tsy explorer.exeFDCatch.dll 476 Ko
Here is a HijackThis report; as for Kaspersky, it finds it and deletes it, but it comes back 2 hours later, and I don't want to format.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:10, on 10/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\FreshDevices\FreshDownload\fd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\FDCatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RESEAU')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: FreshDownload - {39FB13D0-0167-48B2-BA1B-19A4A2166744} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -
http://fichiers.touslesdrivers.com/fich ... _0_4_9.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) -
http://www.bobtv.fr/download/cfweb_www. ... module.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEEC1F14-12E5-4A4A-A451-28CAF57FF26D}: NameServer = 212.27.32.5,212.27.32.6
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
--
End of file - 6946 bytes
Thanks in advance